Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a ..\ (dot dot backslash) in the config parameter.
Max CVSS
5.8
EPSS Score
3.46%
Published
2007-12-20
Updated
2018-10-15
1 vulnerabilities found